﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data;
using System.Data.SqlClient;
using System.Data.SqlTypes;
using System.Configuration;

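/// <summary>
/// Code-behind for the site master page: shows a numeric verification code and handles
/// the login, registration, search and "back to index" buttons.
/// </summary>
/// <remarks>
/// Security notes for maintainers:
/// <list type="bullet">
/// <item>All queries executed here bind request values as SQL parameters; request text is
/// never concatenated into a statement that this class runs.</item>
/// <item>NOTE(security): passwords are compared and stored as plaintext in the
/// <c>admin</c>/<c>userinfo</c> tables. Moving to a salted, slow password hash needs a schema
/// and data migration and is therefore only flagged here, not changed.</item>
/// <item>NOTE(security): the verification code is written into <c>Label1</c> as readable text and
/// is only generated on the first (non-postback) load, so any client that can read the page can
/// read the code and reuse it for repeated attempts. It should not be relied on to slow
/// automated login attempts; server-side attempt throttling is the control to add.</item>
/// <item>NOTE(security): the session identifier is not renewed after a successful login;
/// consider issuing a fresh session on authentication.</item>
/// </list>
/// </remarks>
public partial class MasterPage : System.Web.UI.MasterPage
{
    // Only the connection string is kept per page instance. Each operation creates its own
    // SqlConnection inside a using block, so no connection or reader outlives its handler.
    private readonly string connectionString = ConfigurationManager.ConnectionStrings["conn"].ConnectionString;

    // System.Random is not a cryptographic generator; see the class remarks on why the
    // verification code is not a security boundary in its current form.
    private readonly Random random = new Random();

    /// <summary>
    /// Generates the 4-digit verification code (1000-9999) on the first load of the page.
    /// On postbacks the label keeps its previous value.
    /// </summary>
    protected void Page_Load(object sender, EventArgs e)
    {
        if (!IsPostBack)
        {
            Label1.Text = random.Next(1000, 10000).ToString();
        }
    }

    /// <summary>
    /// Login handler: checks the verification code, validates the credentials against the
    /// <c>admin</c> or <c>userinfo</c> table (chosen by <c>DropDownList1</c>), stores the user name
    /// in the session and redirects to the matching back-office page.
    /// </summary>
    protected void Button1_Click(object sender, EventArgs e)
    {
        string expectedCode = Label1.Text.Trim();

        // Fail closed: an empty expected code must never match an empty submission.
        if (expectedCode.Length == 0 || expectedCode != yzm.Text.Trim())
        {
            Response.Write("<script>alert('请输入正确验证码！')</script>");
            return;
        }

        bool isAdmin = DropDownList1.Text == "管理员";
        string userName = name.Text.Trim();

        if (!CredentialsMatch(isAdmin, userName, password.Text.Trim()))
        {
            Response.Write("<script>alert('用户名或者密码错误！')</script>");
            return;
        }

        Session["name"] = userName;

        // The user name is request data placed inside a JavaScript string literal, so it is
        // JS-string-encoded before being written into the page.
        // NOTE(review): the redirect below likely discards this buffered output - confirm
        // whether the welcome alert is ever shown.
        Response.Write("<script>alert('欢迎" + HttpUtility.JavaScriptStringEncode(name.Text) + "登录！')</script>");

        // The database work is finished and disposed before the redirect ends the request.
        Response.Redirect(isAdmin ? "backstage.aspx" : "userbackstage.aspx");
    }

    /// <summary>
    /// Returns true when a row with the given name and password exists in the selected table.
    /// </summary>
    /// <param name="isAdmin">true to check the <c>admin</c> table, false for <c>userinfo</c>.</param>
    /// <param name="userName">Submitted user name, bound as a SQL parameter.</param>
    /// <param name="userPassword">Submitted password, bound as a SQL parameter.</param>
    private bool CredentialsMatch(bool isAdmin, string userName, string userPassword)
    {
        // The statement text is one of two constants; request data only reaches the
        // database through the bound parameters.
        string sql = isAdmin
            ? "select 1 from admin where name=@name and password=@password"
            : "select 1 from userinfo where name=@name and password=@password";

        using (SqlConnection connection = new SqlConnection(connectionString))
        using (SqlCommand command = new SqlCommand(sql, connection))
        {
            command.Parameters.AddWithValue("@name", userName);
            command.Parameters.AddWithValue("@password", userPassword);
            connection.Open();

            // ExecuteScalar returns null when the query yields no row.
            return command.ExecuteScalar() != null;
        }
    }

    /// <summary>
    /// Search handler: stores the search statement in the session under <c>sqlstr</c> and
    /// redirects to <c>seach.aspx</c>.
    /// </summary>
    protected void ImageButton1_Click(object sender, ImageClickEventArgs e)
    {
        // NOTE(security): this hands a complete SQL string to another page through the session.
        // That contract is kept so the consumer of Session["sqlstr"] keeps working, and the two
        // request values are quote-escaped before being embedded. The durable fix is to store the
        // raw type/info values in the session and have the consuming page run a parameterized
        // query (TODO: requires changing seach.aspx as well).
        Session["sqlstr"] = "select * from payinfo where type='" + EscapeSqlLiteral(type.Text)
            + "' and info like '%" + EscapeSqlLiteral(sinfo.Text) + "%'";

        Response.Redirect("seach.aspx");
    }

    /// <summary>
    /// Doubles single quotes so the value cannot terminate a T-SQL string literal.
    /// Used only where a parameterized query is not possible from this class.
    /// </summary>
    private static string EscapeSqlLiteral(string value)
    {
        return (value ?? string.Empty).Replace("'", "''");
    }

    /// <summary>
    /// Registration handler: rejects an already registered name, rejects mismatching password
    /// confirmation, otherwise inserts the new account inside a transaction.
    /// </summary>
    protected void Button2_Click(object sender, EventArgs e)
    {
        // The same trimmed name is used for the duplicate check and for the insert, so a name
        // padded with spaces cannot slip past the check as a "different" account.
        string newName = names.Text.Trim();

        using (SqlConnection connection = new SqlConnection(connectionString))
        {
            connection.Open();

            bool nameTaken;
            using (SqlCommand lookup = new SqlCommand("select 1 from userinfo where name=@name", connection))
            {
                lookup.Parameters.AddWithValue("@name", newName);
                nameTaken = lookup.ExecuteScalar() != null;
            }

            if (nameTaken)
            {
                Response.Write("<script>alert('一个账号只能注册一次！')</script>");
                return;
            }

            if (password1.Text != password2.Text)
            {
                Response.Write("<script>alert('2次输入密码不一样，请您核对后输入！')</script>");
                return;
            }

            // NOTE(review): the duplicate check above runs outside this transaction, so two
            // concurrent registrations can both pass it; a unique constraint on userinfo.name
            // is the reliable guard - confirm the schema has one.
            bool registered;
            using (SqlTransaction transaction = connection.BeginTransaction())
            using (SqlCommand insert = connection.CreateCommand())
            {
                insert.Transaction = transaction;
                insert.CommandText = "insert into userinfo(name,password) values(@name,@password)";
                insert.Parameters.AddWithValue("@name", newName);
                // NOTE(security): stored as plaintext to stay compatible with the login query.
                insert.Parameters.AddWithValue("@password", password1.Text);

                try
                {
                    insert.ExecuteNonQuery();
                    transaction.Commit();
                    registered = true;
                }
                catch (Exception)
                {
                    // Best effort, as before: any failure is reported to the user as a retry prompt.
                    transaction.Rollback();
                    registered = false;
                }
            }

            // Success is reported only after the commit went through.
            Response.Write(registered
                ? "<script>alert('恭喜您成功注册！')</script>"
                : "<script>alert('对不起注册失败！,请重试..')</script>");
        }
    }

    /// <summary>
    /// Returns the user to the index page.
    /// </summary>
    protected void Button3_Click(object sender, EventArgs e)
    {
        Response.Redirect("index.aspx");
    }
}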
